{"report_id":"8b8e8486-921e-4de1-9d77-7aaa18861d41","version":6,"status":"done","tags":[],"date":"2025-11-03T04:41:32Z","url":{"schema":"http","addr":"paypal-poker.co.uk/","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"3.164.240.57","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"paypal-poker.co.uk/","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"title":"Paypal Poker - Play Online Poker with Paypal","dom":{"size":8525,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"1d86e4035a172c8e6ac5413a3e79cf1b","sha1":"281dff53b7a185fbef4bd3d71114c56e297fb46a","sha256":"1202b9dd0e07ed5fc4dd96435181aab29673498a7f095d77ca0dc4af4e377c33","sha512":"950f3b0810b783e1d8d163933e5032d1b09060a93b6d5dd280bbe1d8b8a0bfcf99b5e83d2d49ee3ec59ec66251fc7adb0971a438551f04ad54ab4b8b30c11320","ssdeep":"192:H3p/SJrlubI8BdCfE3xUKKCC4ZQ66f35gHx4v4S0w/64l+zKIw9ADEh:HUovbElabp0","tlshash":"a202b812a28c122fc90712a17664eeec8be7214943e5494cbd2fd46f13c89ca573b7ec","dom_hash":"domhashc69d0f253fae9201bf42f943e50f1269","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWw+PGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXdpbmRvd3MtMTI1MiI+CjxsaW5rIHR5cGU9InRleHQvY3NzIiByZWw9InN0eWxlc2hlZXQiIGhyZWY9InN0eWxlLmNzcyI+CjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJGaW5kIHRoZSBiZXN0IFBheXBhbCBwb2tlciBzaXRlcyB3aGljaCBhbGxvdyB5b3UgdG8gcGxheSBvbmxpbmUgcG9rZXIgd2l0aCBQYXlwYWwuIj4KPG1ldGEgbmFtZT0ia2V5d29yZHMiIGNvbnRlbnQ9InBheXBhbCBwb2tlciwgb25saW5lIHBva2VyIj4KPHRpdGxlPlBheXBhbCBQb2tlciAtIFBsYXkgT25saW5lIFBva2VyIHdpdGggUGF5cGFsPC90aXRsZT4KPC9oZWFkPgoKPGJvZHkgYmFja2dyb3VuZD0iZy9iZy5naWYiPgoKPGRpdiBhbGlnbj0iY2VudGVyIj4KCTx0YWJsZSB3aWR0aD0iODAwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIGJvcmRlcj0iMCI+CgkJPHRib2R5Pjx0cj4KCQkJPHRkPjxpbWcgc3JjPSJnL3BheXBhbC1wb2tlci5naWYiIGFsdD0iUGF5cGFsIFBva2VyIiB3aWR0aD0iODAwIiBoZWlnaHQ9IjEwMCIgYm9yZGVyPSIwIj48L3RkPgoJCTwvdHI+Cgk8L3Rib2R5PjwvdGFibGU+CjwvZGl2PgoKPGRpdiBhbGlnbj0iY2VudGVyIj4KCTx0YWJsZSBzdHlsZT0iYm9yZGVyLWNvbGxhcHNlOiBjb2xsYXBzZSIgd2lkdGg9IjgwMCIgY2VsbHBhZGRpbmc9IjUiIGJvcmRlcmNvbG9yPSIjRUFFQUVBIiBib3JkZXI9IjEiIGJnY29sb3I9IiNGRkZGRkYiPgoJCTx0Ym9keT48dHI+CgkJCTx0ZCB2YWxpZ249InRvcCI+Cgo8aDE+UGF5cGFsIFBva2VyIC0gUGxheSBPbmxpbmUgUG9rZXIgV2l0aCBQYXlwYWw8L2gxPgo8cD5XZWxjb21lIHRvIFBheXBhbCBQb2tlciwgdGhlIGxlYWRpbmcgc2l0ZSBkZXNpZ25lZCB0byBoZWxwIHlvdSBmaW5kIG9ubGluZSAKcG9rZXIgc2l0ZXMgdGhhdCBhY2NlcHQgUGF5cGFsIGRlcG9zaXRzLiZuYnNwOyBIZXJlIGF0IFBheXBhbCBQb2tlciwgd2Ugc3RyaXZlIAp0byBicmluZyBvdXIgdmlzaXRvcnMgdGhlIGJlc3QgYm9udXNlcyAmYW1wOyByZXZpZXdzIGZyb20gdmFyaW91cyBvbmxpbmUgcG9rZXIgCndlYnNpdGVzIHRoYXQgYWNjZXB0IFBheXBhbC4mbmJzcDsgQXMgb25lIG9mIHRoZSBlYXNpZXN0IGFuZCBtb3N0IAp0cnVzdGVkIHdheXMgdG8gZGVwb3NpdCBvbmxpbmUsIGZpbmRpbmcgYSBwb2tlciByb29tIHdoaWNoIGFjY2VwdHMgUGF5cGFsIGlzIG5vIAplYXN5IHRhc2suJm5ic3A7IFBheXBhbCBmb3IgcG9rZXIgaXMgb25seSBhdmFpbGFibGUgYXQgYSBmZXcgc2VsZWN0IHBva2VyIHNpdGVzIAomYW1wOyBjb3VudHJpZXMgYnV0IGx1Y2tpbHkgd2UgaGF2ZSBtYW5hZ2VkIHRvIHdvcmsgb3V0IHNvbWUgZXhjZWxsZW50IHBva2VyIApib251c2VzIGZvciBzb21lIG9mIHRoZSB0b3AgUGF5cGFsIHBva2VyIHJvb21zIGFjcm9zcyB0aGUgZ2xvYmUuJm5ic3A7IE9uIG91ciAKd2Vic2l0ZSB5b3Ugb25seSB3aWxsIGZpbmQgcG9rZXIgYW5kIGNhc2lubyBzaXRlcyB0aGF0IGFjY2VwdCBQYXlwYWwuPC9wPjxoMj5XaGljaCBQb2tlciBTaXRlcyBBY2NlcHQgUGF5cGFsPzwvaDI+CjxwPldlIGhhdmUgY29tcGlsZWQgdGhlIGJlc3QgUGF5cGFsIG9ubGluZSBwb2tlciBzaXRlcyBhdmFpbGFibGUgdG8gYm90aCAKcGxheWVycyBpbiB0aGUgVUsgYXMgd2VsbCBhcyBhIG51bWJlciBvZiBvdGhlciBqdXJpc2RpY3Rpb25zIHRocm91Z2hvdXQgRXVyb3BlLiZuYnNwOyBFYWNoIG9mIHRoZSAKcG9rZXIgcm9vbXMgbGlzdGVkIG9uIG91ciBzaXRlIG9mZmVycyBhIG51bWJlciBvZiBkaWZmZXJlbnQgc2lnbiB1cCBib251c2VzIAp3aGljaCBhcmUgYXZhaWxhYmxlIGV4Y2x1c2l2ZWx5IHRvIG5ldyBwbGF5ZXJzIHdobyByZWdpc3RlciBhbmQgb3BlbiBhY2NvdW50cyAKdGhyb3VnaCB0aGUgUGF5cGFsLVBva2VyLmNvLnVrIHdlYnNpdGUuJm5ic3A7IEJlIHN1cmUgdG8gY2hlY2sgYmFjayBvZnRlbiwgYXMgd2UgCmFyZSBjb25zdGFudGx5IHVwZGF0aW5nIG91ciBQYXlwYWwgcG9rZXIgc2l0ZXMgJmFtcDsgc3BlY2lhbCBib251c2VzLiZuYnNwOyBGb3IgCm5vdywgeW91IGNhbiBzZWUgdGhlIHRvcCBQYXlwYWwgYWNjZXB0aW5nIHBva2VyIHJvb21zIGJlbG93IGNvbXBsZXRlIHdpdGggc2lnbiAKdXAgYm9udXMgb2ZmZXJzIGxpc3RlZCBiZWxvdy48L3A+Cgo8dGFibGUgc3R5bGU9ImJvcmRlci1jb2xsYXBzZTogY29sbGFwc2UiIHdpZHRoPSIxMDAlIiBjZWxscGFkZGluZz0iMyIgYm9yZGVyY29sb3I9IiNFNEU0RTQiIGJvcmRlcj0iMSI+Cjx0Ym9keT48dHI+Cjx0ZCBjbGFzcz0icmVzdWx0SGVhZGVyU3R5bGUiIHdpZHRoPSIxNiUiIG5vd3JhcD0iIiBiZ2NvbG9yPSIjRkZGRkNDIj4KPHAgc3R5bGU9InRleHQtYWxpZ246IGxlZnQiPjxmb250IGNvbG9yPSIjODAwMDAwIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOiA4cHQiPlBva2VyIFNpdGU8L3NwYW4+PC9mb250PjwvcD48L3RkPgo8dGQgY2xhc3M9InJlc3VsdEhlYWRlclN0eWxlIiB3aWR0aD0iNyUiIG5vd3JhcD0iIiBiZ2NvbG9yPSIjRkZGRkNDIj48Zm9udCBjb2xvcj0iIzgwMDAwMCI+UGF5cGFsPC9mb250PjwvdGQ+Cjx0ZCBjbGFzcz0icmVzdWx0SGVhZGVyU3R5bGUiIHdpZHRoPSIxOSUiIG5vd3JhcD0iIiBiZ2NvbG9yPSIjRkZGRkNDIj48Zm9udCBjb2xvcj0iIzgwMDAwMCI+UG9rZXIgU29mdHdhcmU8L2ZvbnQ+PC90ZD4KPHRkIGNsYXNzPSJyZXN1bHRIZWFkZXJTdHlsZSIgd2lkdGg9IjE5JSIgbm93cmFwPSIiIGJnY29sb3I9IiNGRkZGQ0MiPjxmb250IGNvbG9yPSIjODAwMDAwIj5SYXRpbmc8L2ZvbnQ+PC90ZD4KPHRkIGNsYXNzPSJyZXN1bHRIZWFkZXJTdHlsZSIgd2lkdGg9IjE4JSIgbm93cmFwPSIiIGJnY29sb3I9IiNGRkZGQ0MiPjxmb250IGNvbG9yPSIjODAwMDAwIj5Cb251cyBPZmZlcjwvZm9udD48L3RkPgo8dGQgY2xhc3M9InJlc3VsdEhlYWRlclN0eWxlIiB3aWR0aD0iMTQlIiBub3dyYXA9IiIgYmdjb2xvcj0iI0ZGRkZDQyI+PGZvbnQgY29sb3I9IiM4MDAwMDAiPkJvbnVzIExpbms8L2ZvbnQ+PC90ZD4KPC90cj4KPHRyIGNsYXNzPSJyZXN1bHRFdmVuU3R5bGUiIHZhbGlnbj0idG9wIj4KICA8dGQgdmFsaWduPSJtaWRkbGUiPjxzdHJvbmc+PGEgaHJlZj0iZ28vODg4cG9rZXIucGhwIj44ODggUG9rZXI8L2E+PC9zdHJvbmc+PC90ZD4KICA8dGQgdmFsaWduPSJtaWRkbGUiIGFsaWduPSJjZW50ZXIiPlllczwvdGQ+CiAgPHRkIHZhbGlnbj0ibWlkZGxlIiBhbGlnbj0iY2VudGVyIj44ODggR2FtaW5nPC90ZD4KICA8dGQgdmFsaWduPSJtaWRkbGUiIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJnLzEwLXN0YXJzLmdpZiIgYWx0PSJSYXRpbmciIHdpZHRoPSIxMjgiIGhlaWdodD0iMTQiIGJvcmRlcj0iMCI+PC90ZD4KICA8dGQgdmFsaWduPSJtaWRkbGUiIGFsaWduPSJjZW50ZXIiPjxmb250IGNvbG9yPSIjMDA4MDAwIj48Yj4xMDAlIHVwIHRvIOKCrDYwMDwvYj48L2ZvbnQ+PC90ZD4KICA8dGQgdmFsaWduPSJtaWRkbGUiIGFsaWduPSJjZW50ZXIiPjxzdHJvbmc+PGEgaHJlZj0iZ28vODg4cG9rZXIucGhwIj5DbGljayBIZXJlPC9hPjwvc3Ryb25nPjwvdGQ+CjwvdHI+Cjx0ciBjbGFzcz0icmVzdWx0RXZlblN0eWxlIiB2YWxpZ249InRvcCI+Cjx0ZCB3aWR0aD0iMTYlIiB2YWxpZ249Im1pZGRsZSI+PGI+PGEgaHJlZj0iaHR0cDovL3d3dy5wYXlwYWwtcG9rZXIuY28udWsvZ28vYmV0MzY1cG9rZXIucGhwIj5CZXQzNjUKICAgICAgUG9rZXI8L2E+PC9iPjwvdGQ+Cjx0ZCB3aWR0aD0iNyUiIHZhbGlnbj0ibWlkZGxlIiBhbGlnbj0iY2VudGVyIj5ZZXM8L3RkPgo8dGQgd2lkdGg9IjE5JSIgdmFsaWduPSJtaWRkbGUiIGFsaWduPSJjZW50ZXIiPlBsYXl0ZWNoPC90ZD4KPHRkIHdpZHRoPSIxOSUiIHZhbGlnbj0ibWlkZGxlIiBhbGlnbj0iY2VudGVyIj48aW1nIHNyYz0iZy84LjUtc3RhcnMuZ2lmIiBhbHQ9IlJhdGluZyIgd2lkdGg9IjEyOCIgaGVpZ2h0PSIxNCIgYm9yZGVyPSIwIj48L3RkPgo8dGQgd2lkdGg9IjE4JSIgdmFsaWduPSJtaWRkbGUiIGFsaWduPSJjZW50ZXIiPjxiPjxmb250IGNvbG9yPSIjRkYwMDAwIj4xMDAlIHVwCiAgICAgIHRvIOKCrDEwMDwvZm9udD48L2I+PC90ZD4KPHRkIHdpZHRoPSIxNCUiIHZhbGlnbj0ibWlkZGxlIiBhbGlnbj0iY2VudGVyIj48Yj48YSBjbGFzcz0iYmx1ZSIgdGFyZ2V0PSJfbmV3IiBocmVmPSJodHRwOi8vd3d3LnBheXBhbC1wb2tlci5jby51ay9nby9iZXQzNjVwb2tlci5waHAiPkNsaWNrIEhlcmU8L2E+PC9iPjwvdGQ+Cgo8L3RyPgoKPCEtLTx0ciB2YWxpZ249InRvcCIgY2xhc3M9InJlc3VsdEV2ZW5TdHlsZSI+Cjx0ZCB2YWxpZ249bWlkZGxlIHdpZHRoPSIxNiUiPjxiPjxhIGhyZWY9IiMiPldpbGxpYW0KICAgICAgSGlsbDwvYT48L2I+PC90ZD4KPHRkIGFsaWduPWNlbnRlciB2YWxpZ249bWlkZGxlIHdpZHRoPSI3JSI+WWVzPC90ZD4KPHRkIGFsaWduPWNlbnRlciB2YWxpZ249bWlkZGxlIHdpZHRoPSIxOSUiPmlQb2tlcjwvdGQ+Cjx0ZCBhbGlnbj1jZW50ZXIgdmFsaWduPW1pZGRsZSB3aWR0aD0iMTklIj48aW1nIGJvcmRlcj0iMCIgc3JjPSJnLzktc3RhcnMuZ2lmIiB3aWR0aD0iMTI4IiBoZWlnaHQ9IjE0IiBhbHQ9IlJhdGluZyI+PC90ZD4KPHRkIGFsaWduPWNlbnRlciB2YWxpZ249bWlkZGxlIHdpZHRoPSIxOCUiPjxiPjxmb250IGNvbG9yPSIjMDAwMEZGIj4xMDAlIHVwCiAgICAgIHRvICZldXJvOzQwMDwvZm9udD48L2I+PC90ZD4KPHRkIGFsaWduPWNlbnRlciB2YWxpZ249bWlkZGxlIHdpZHRoPSIxNCUiPjxiPjxhIGNsYXNzPSJibHVlIiB0YXJnZXQ9Il9uZXciIGhyZWY9IiMiPkNsaWNrIEhlcmU8L2E+PC9iPjwvdGQ+CjwvdHI+LS0+CjwvdGJvZHk+PC90YWJsZT48cD48L3A+CjxwPjxicj4KICAKICA8aW1nIHNyYz0iZy9wYXlwYWxfcG9rZXIuanBnIiBhbHQ9IlBheXBhbCBQb2tlciIgd2lkdGg9IjUxMyIgaGVpZ2h0PSIxNTMiIGJvcmRlcj0iMCI+PC9wPgo8cD5JbiBvcmRlciB0byB1c2UgUGF5cGFsIGZvciBvbmxpbmUgcG9rZXIgeW91IHdpbGwgbmVlZCB0byBoYXZlIGEgUGF5cGFsIAphY2NvdW50LCB3aGljaCBjYW4gYmUgb3BlbmVkIGZvciBmcmVlIGFuZCBmdW5kZWQgdGhyb3VnaCB5b3VyIGJhbmsgYWNjb3VudCwgdmlhIApjcmVkaXQgY2FyZCBvciBhIG51bWJlciBvZiBvdGhlciBkZXBvc2l0IG1ldGhvZHMuJm5ic3A7IEFmdGVyIHlvdXIgYWNjb3VudCBpcyAKZnVuZGVkLCB5b3UgYXJlIG5vdyByZWFkeSB0byBkZXBvc2l0IGF0IGEgcG9rZXIgc2l0ZSBhbmQgYmVpbmcgcGxheWluZyBmb3IgcmVhbCAKbW9uZXkuJm5ic3A7IFNpbmNlIFBheXBhbCBpcyBhbiBlV2FsbGV0IGFjY291bnQsIHlvdSBjYW4gYWxzbyBjYXNoIG91dCB5b3VyIApwb2tlciB3aW5uaW5ncyB2aWEgUGF5cGFsIGFuZCB0aGVuIHRyYW5zZmVyIHRoZSBmdW5kcyB0byB5b3VyIGxvY2FsIGJhbmsgCmFjY291bnQuJm5ic3A7IEJlbG93IHlvdSB3aWxsIHNlZSBhIGxpc3Qgb2Ygc29tZSBvZiB0aGUgYmVzdCBQYXlwYWwgcG9rZXIgc2l0ZXMgCmluY2x1ZGluZyBleGNlbGxlbnQgYm9udXNlcyBhbmQgZnVsbCByZXZpZXdzLjwvcD4KPHA+Rm9yIG1vcmUgYm9udXNlcyB5b3UgY2FuIHZpc2l0IHRoaXMgc2l0ZSB3aGljaCBvZmZlcnMgdGhlIFRvcAogIFBva2VyIENvZGUgZm9yIG5lYXJseSAyMCBkaWZmZXJlbnQgb25saW5lIHBva2VyIHJvb21zIGluY2x1ZGluZyBQYXJ0eVBva2VyLmNvbS4gPC9wPgo8aDI+SG93IFRvIERlcG9zaXQgV2l0aCBQYXlwYWwgRm9yIFBva2VyPC9oMj4KPHA+T25jZSB5b3UgaGF2ZSBzZWxlY3RlZCBvbmUgb2Ygb3VyIDxpPlBheXBhbCBQb2tlcjwvaT4gcGFydG5lcnMsIHNpZ25pbmcgdXAsIApnZXR0aW5nIHlvdXIgYm9udXMgYW5kIG1ha2luZyB5b3VyIGZpcnN0IGRlcG9zaXQgaXMgcXVpdGUgZWFzeS4mbmJzcDsgRmlyc3QsIApkb3dubG9hZCB0aGUgcG9rZXIgc29mdHdhcmUgZnJvbSBvbmUgb2YgdGhlIHJlY29tbWVuZGVkIHBva2VyIHNpdGVzIGFuZCBjcmVhdGUgYSAKcmVhbCBtb25leSBhY2NvdW50ICh0aGlzIHdpbGwgZW5hYmxlIHlvdSB0byBwbGF5IHBva2VyIHdpdGggUGF5cGFsKS4mbmJzcDsgVGhlbiAKYWxsIHlvdSBuZWVkIHRvIGRvIGlzIGdvIHRvIHRoZSBjYXNoaWVyIHdpdGhpbiB0aGUgcG9rZXIgY2xpZW50IGFuZCBzZWxlY3QgClBheXBhbCBhcyBhIGRlcG9zaXQgb3B0aW9uLiZuYnNwOyBZb3UgY2FuIHRoZW4gY2hvb3NlIHlvdXIgaW5pdGlhbCBkZXBvc2l0IAphbW91bnQgYW5kIGNvbXBsZXRlIHlvdXIgZGVwb3NpdCB0aHJvdWdoIGluc3RhbnQgdHJhbnNmZXIsIFBheXBhbCBiYWxhbmNlLCAKZUNoZWNrLCBjcmVkaXQgY2FyZCBhbmQgYSBudW1iZXIgb2Ygb3RoZXIgb3B0aW9ucyBvZmZlcmVkIHRocm91Z2ggUGF5cGFsIApwYXltZW50cy4mbmJzcDsgVGhlIGJlc3QgcGFydCBhYm91dCB1c2luZyBwYXlwYWwgdG8gZ2FtYmxpbmcgb25saW5lIGlzIHRoYXQgeW91IApuZXZlciBleHBvc2UgYW55IG9mIHlvdXIgZmluYW5jaWFsIGRhdGEgc2luY2UgdHJhbnNhY3Rpb25zIGFyZSB0aHJvdWdoIHlvdXIgCmFjY291bnQuPC9wPgo8aDM+QWJvdXQgUGF5cGFsICZhbXA7IFBheXBhbCBGb3IgUG9rZXI8L2gzPgo8cD5QYXlwYWwgaXMgdGhlIHdvcmxkJ3MgbGFyZ2VzdCBvbmxpbmUgcGF5bWVudCBwcm9jZXNzb3IgYW5kIHdhcyBwcmVkb21pbmFudGx5IApzdGFydGVkIGFzIGEgbWV0aG9kIGZvciBlQmF5IGJ1eWVycyBhbmQgc2VsbGVycyB0byBzZW5kIGZ1bmRzIHRvIG9uZSBhbm90aGVyIGluIAphIHF1aWNrLCBjb252ZW5pZW50IGFuZCBzYWZlIG1hbm5lci4mbmJzcDsgVGhlIHBheW1lbnQgc3lzdGVtIHdhcyBlc3RhYmxpc2hlZCBpbiAKMTk5OSBhbmQgc2luY2UgdGhlbiBoYXMgZXhwZXJpZW5jZWQgZW5vcm1vdXMgZ3Jvd3RoIGFjcm9zcyB0aGUgZ2xvYmUsIApwYXJ0aWN1bGFybHkgbm90ZWQgd2hlbiB0aGUgY29tcGFueSB3YXMgcHVyY2hhc2VkIGJ5IGVCYXkgaW4gMjAwMiBmb3Ig4oKsMS41IApCaWxsaW9uIGRvbGxhcnMuJm5ic3A7IFdpdGggcmVnYXJkcyB0byBwb2tlciwgUGF5cGFsIHdhcyBhbHNvIG9uZSBvZiB0aGUgCmVhcmxpZXN0IHByb2Nlc3NvcnMgZm9yIG9ubGluZSBnYW1ibGluZyB1bnRpbCBpdCBhbWVuZGVkIGl0cyBwb2xpY2llcyB0byBleGNsdWRlIApjZXJ0YWluIGFyZWFzIChwcmltYXJpbHkgdGhlIFVuaXRlZCBTdGF0ZXMpIGZyb20gdXNpbmcgaXRzIHNlcnZpY2UgZm9yIGdhbWJsaW5nIApyZWxhdGVkIHRyYW5zYWN0aW9ucyBvbmxpbmUuPC9wPgo8cD5BbHRob3VnaCB0aGUgY29tcGFueSBtYWRlIHRoaXMgZGVjaXNpb24gaW4gCnRoZSBOb3J0aCBBbWVyaWNhbiBtYXJrZXQsIG1hbnkgRXVyb3BlYW4gY3VzdG9tZXJzIGNhbiBzdGlsbCBlbmpveSB0aGUgYmVuZWZpdHMgCm9mIHVzaW5nIFBheXBhbCBmb3IgcG9rZXIgYXQgYSBudW1iZXIgb2YgaGlnaCBxdWFsaXR5IHNpdGVzLiZuYnNwOyBUaGUgY3VycmVudCAKY291bnRyaWVzIHRoYXQgUGF5cGFsIHBlcm1pdHMgZm9yIGZ1bmRpbmcgcG9rZXIgYWNjb3VudHMgaW5jbHVkZSBBdXN0cmFsaWEsIApBdXN0cmlhLCBCZWxnaXVtLCBEZW5tYXJrLCBGaW5sYW5kLCBGcmFuY2UsIEdyZWVjZSwgSXJlbGFuZCwgSXRhbHksIFBvcnR1Z2FsLCAKU3BhaW4sIFN3ZWRlbiBhbmQgdGhlIFVLLjwvcD48L3RkPgo8dGQgd2lkdGg9IjE4JSIgdmFsaWduPSJ0b3AiIGFsaWduPSJyaWdodCI+Cgo8c3BhbiBjbGFzcz0iY2xhc3MxIj48cCBhbGlnbj0ibGVmdCI+PGI+UGF5cGFsIFBva2VyIFBhZ2VzPC9iPjxicj4KPGEgaHJlZj0iaHR0cDovL3d3dy5wYXlwYWwtcG9rZXIuY28udWsiPlBheXBhbCBQb2tlcjwvYT48YnI+CjxhIGhyZWY9Imh0dHA6Ly93d3cucGF5cGFsLXBva2VyLmNvLnVrL3NpdGVzLyI+UGF5cGFsIFBva2VyIFNpdGVzPC9hPjxicj4KPGEgaHJlZj0iaHR0cDovL3d3dy5wYXlwYWwtcG9rZXIuY28udWsvY2FzaW5vcy8iPlBheXBhbCBPbmxpbmUgQ2FzaW5vczwvYT48YnI+CjxhIGhyZWY9Imh0dHA6Ly93d3cucGF5cGFsLXBva2VyLmNvLnVrL3Nsb3RzLyI+UGF5cGFsIFNsb3RzPC9hPjxicj4KPGEgaHJlZj0iaHR0cDovL3d3dy5wYXlwYWwtcG9rZXIuY28udWsvb25saW5lLXBva2VyLXZzLWxpdmUvIj5PbmxpbmUgUG9rZXIgVnMuIExpdmU8L2E+PGJyPgo8YnI+PC9wPjwvc3Bhbj48L3RkPgoJCTwvdHI+Cgk8L3Rib2R5PjwvdGFibGU+CjwvZGl2PgoKPGRpdiBhbGlnbj0iY2VudGVyIj4KCTx0YWJsZSB3aWR0aD0iODAwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIGJvcmRlcj0iMCI+CgkJPHRib2R5Pjx0cj4KCQkJPHRkPjxpbWcgc3JjPSJnL2Zvb3QuZ2lmIiBhbHQ9IlBva2VyIiB3aWR0aD0iODAwIiBoZWlnaHQ9IjIyIiBib3JkZXI9IjAiPjwvdGQ+CgkJPC90cj4KCTwvdGJvZHk+PC90YWJsZT4KPC9kaXY+CgoKCgoKPC9ib2R5PjwvaHRtbD4="}},"submit":{"url":{"schema":"http","addr":"paypal-poker.co.uk/","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"3.164.240.57","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-08T04:41:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"paypal-poker.co.uk","ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-02-20","domain_rank":0,"first_seen":"2025-10-13T07:40:04.201089Z","last_seen":"2025-10-13T07:40:04.201089Z","alert_count":9,"request_count":9,"received_data":79118,"sent_data":4039,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"paypal-poker.co.uk/","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-03T04:41:10.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 2901\r\ndate: Mon, 03 Nov 2025 04:41:03 GMT\r\ncontent-encoding: gzip\r\nserver: Apache\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 6ehQVbViIasdrOJaprs3FCJ8dQDb_OzHryI4nQboGQibzCxjLkf2fQ==\r\nage: 6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8409,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"59c6b0ea3c83228e554bdb1a2408b980","sha1":"27bcd961b5f2995d9c544ce1eab6fadf12dfdd09","sha256":"3caa655c8eab66f97d8d645b0d8f79c14ce1ea16e48a2408ba88091604d79b29","sha512":"bb4d63c0950543ad67cf5052e45c3770d22c125e90084a32ef379afe4f36816e93526c8abf00e1bb35dbe99d12e598752653e778258e9dd87424fef7a71e006e","ssdeep":"192:W3p/SCJlubI8BdCfE3xGY9TJC+ZWpyCC4ZQ6Nvf35gHx4v4S0w/65l+z9kIw9An4:WD3kJOBSb9la9ZpU4M","tlshash":"9802a411938c522f890702a17660efed4be7264643d44958bd6fe8af17ca4ca57373ec","first_seen":"2025-10-13T07:40:06.894435Z","last_seen":"2025-11-21T12:37:42.60563Z","times_seen":3,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":318,"dns":56,"connect":1,"send":0,"wait":22,"receive":1,"ssl":259},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/style.css","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:10.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css\r\ncontent-length: 719\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:10 GMT\r\ncontent-encoding: gzip\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:01:13 GMT\r\naccept-ranges: bytes\r\netag: \"a1f-49c9901532c40-gzip\"\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 4Wq0Ll9lotloFL20vd_64nWkFMBapOCm2YKO1TkGwjtQ0PDtH65UQw==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2591,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e2e439d40eee23a38c5195a1819459e1","sha1":"7b2489cbc8e467e515803e61b24942eeb5aa8409","sha256":"1ab82e7ec1b770f5e5f46513d3b53108fb85cd019f2aacd9c09ee4ab7d34e96f","sha512":"03e4a951d66a4e51f54141c69d8e4f6c6a5a102873e21101b90be77a4e53d02ac46f516d17ec09673786a28ff92dc17776c8834d85fc2469a15fcd488af5cf91","ssdeep":"","tlshash":"4f51ae87fb080306f42b2492f117fbe3b558964620990bb475bdad25cf8b53523a536c","first_seen":"2025-10-13T07:40:06.896206Z","last_seen":"2025-11-21T12:37:42.606733Z","times_seen":3,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/g/paypal-poker.gif","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:10.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /g/paypal-poker.gif HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 15711\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:10 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:32 GMT\r\netag: \"3d5f-49c98fee19000\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: F6J_FS8kxQF0RV2SLBBxSFmvtHgzyrl7ID0pJFkAnNV45HymnGjNzA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":15711,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 100","md5":"d92e208a1d7b1316e06bf675751666ac","sha1":"2140ce8693eddd4fd709e441d4f7fba6d465208f","sha256":"0a73a89947f968d037ff4de78256b6baeee60afac283c4e3bd0c06aade5e3ffe","sha512":"a046fba8424fc6433012887bf2d3630eb26b3ff93a6cb7105b931b721ef241dd87eef0840ffa22b4225d4e2eaabd6040a620ecc0e67d1e2ca2915c8731cf5de6","ssdeep":"384:GQqJ5mnqAsyaccifJGtzjiim+YuhxBFgjR2WcyDOxOf:GJ5mnqAs2cYYtzjiWYuhxByjQq6k","tlshash":"6a62ae1cfafa34a8ff60c05756ab1b25216f0a1cf5b267f03a11dd56809c5528d7287b","first_seen":"2025-10-13T07:40:06.901124Z","last_seen":"2025-11-21T12:37:42.607785Z","times_seen":3,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/g/10-stars.gif","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:10.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /g/10-stars.gif HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 708\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:11 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:20 GMT\r\netag: \"2c4-49c98fe2a7500\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: czuGPIeQhlLE2iFehbsOSLWE9BzZDVkHtDxa0mKeYVA99ZbUyBrWIQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":708,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 128 x 14","md5":"33ec7f0bd47eddcf01156f6adf95e8bd","sha1":"9543481681612088d9097e69e57bf289803cf21e","sha256":"cb3d788e200755c51a08c086357df62c5b0edd1655c260f8d16e8a3080666004","sha512":"f424924da3088d0ffd82a3d9fde87dd6e2113008153126fc1dea0e936e6be57e5de46675a78cc30ddfbb4cf9718302c42edd0b904ac54649bf87f1d9c27c0fc2","ssdeep":"","tlshash":"46018895d2f9bd15fa8595fc1d07305e0c2006ce01105de9ca00f777329e4f05459550","first_seen":"2025-10-13T07:40:06.902786Z","last_seen":"2025-11-21T12:37:42.608647Z","times_seen":3,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/g/foot.gif","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:10.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /g/foot.gif HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 397\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:10 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:27 GMT\r\netag: \"18d-49c98fe9544c0\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: JwMagJqKn-Suwireq5fUEMnhgorEqxRXWhpExHl7d1FZRrGzLWDY1Q==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":397,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 22","md5":"7080c7048d8775379ca5ae220bea8efc","sha1":"d325204c9a4ef26c708f40c9a5c585305b018f50","sha256":"9eb0fb70662695c0a5bac64fc125b593aadd0116c9e2f4bb4ba83c621015e0c3","sha512":"876ed21d3d0d6c3242dc36f9632fb76af7efa130b0ad5b8854f959dd2024618673d547dd82145b88dcd27619a5c7637f407b296e8a11e8813ad6f4261dd0a056","ssdeep":"","tlshash":"52e02b14519675b4dd279a3944d699ca604ebcec18a6d45a29b172e00b087a52428c6b","first_seen":"2025-10-13T07:40:06.898601Z","last_seen":"2025-11-21T12:37:42.602988Z","times_seen":3,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/g/bg.gif","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:11.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /g/bg.gif HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 45\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:11 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:26 GMT\r\netag: \"2d-49c98fe860280\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: KJHOgQSU24CqMCTwBve-P5xDtgUyub5oUJFEregYn_CNWQgDgnyQsQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":45,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 3 x 3","md5":"286309b2c6426a9746787f02aea4f3d6","sha1":"8396177b6ae07627e47dca91ea68d83e1983c701","sha256":"b53a80f857b8526361a3b7ed7fdeea94a7803e723b705ce418833ed04978cdf9","sha512":"965332ad00adbfd1b468000eb2523a25a5cbf7952bcf1a9cfa064fa1bb89924f7857f808fd3e8864f3baba3d667feb6822e3fdba4bb05847064eb1b249105b30","ssdeep":"","tlshash":"f6900284d4904e54c16450b085142060905815421105c33210751640a8af2d00281c01","first_seen":"2025-10-13T07:40:06.899854Z","last_seen":"2025-11-21T12:37:42.610434Z","times_seen":3,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/favicon.ico","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:11.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:11 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:18 GMT\r\netag: \"0-49c98fe0bf080\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: a6_G8g0h5t7BGcx6--jLvuFnN3gb7c7VHY_hK0T5BjHLsZ0vSR-4QA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/g/8.5-stars.gif","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:10.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /g/8.5-stars.gif HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 913\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:11 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:21 GMT\r\netag: \"391-49c98fe39b740\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 8qYwiIOGYqAeMToiqHg5rfUFDjhg1wd0i9HAL6fWVEeLFbb85n_p7Q==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":913,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 128 x 14","md5":"32c921b7e3842dfd8de7fb319da3d698","sha1":"d9dd7789e81f25439b4723448d1f807515d0b230","sha256":"f13c9323c8b7bc02398fa71393dbf27967a9feca4d0c5e776a1e0101e48ab0df","sha512":"5176f2053b80220a40fa64575f82ab5173d7dfb9d6cb3a00f579290e840778eb0ee54a4cd86d78890b6a7822ca2381d53747466e3bf6dab183ca11c95b1c9a13","ssdeep":"","tlshash":"c511d612dbbc760cf1600ff08ab41098440b136f2a2f25428b339651b8e14ca1bba0cf","first_seen":"2025-10-13T07:40:06.904371Z","last_seen":"2025-11-21T12:37:42.609558Z","times_seen":3,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paypal-poker.co.uk/g/paypal_poker.jpg","fqdn":"paypal-poker.co.uk","domain":"paypal-poker.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.109","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paypal-poker.co.uk/","date":"2025-11-03T04:41:10.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.paypal-poker.co.uk","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sat, 09 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"30:56:0E:6F:B4:9C:F3:F5:D4:E7:1C:98:8C:86:9B:E1:44:40:69:42","sha256":"25:73:5E:C9:EC:C4:0D:66:5A:2E:01:FA:9D:09:E2:1D:06:48:9C:92:8E:12:64:CC:55:F5:E8:8A:7B:78:E9:7F"}}},"request":{"raw":"GET /g/paypal_poker.jpg HTTP/1.1\r\nHost: paypal-poker.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paypal-poker.co.uk/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 46340\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Mon, 03 Nov 2025 04:41:10 GMT\r\naccept-ranges: bytes\r\nserver: Apache\r\nlast-modified: Sat, 19 Feb 2011 02:00:33 GMT\r\netag: \"b504-49c98fef0d240\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: VMlW8ZPdChn0nJ1LZ7KjADw8vhIGU78e4EaNtIGc6qbaifFoH75ZGQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":46340,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 513x153, components 3","md5":"fc433a5797fd743fe2d2bfb82a3d0749","sha1":"b79b6533d6c468f3dc1098a88348fbb540eec82c","sha256":"f4db67001720d44fccc36d4a9e2ac5b3c8505f114313139219ef145323845039","sha512":"c5468f69b8b77add93611be7263776730b0cbe5a9766a405799fa3a0dbdd11f93b0e3e5f6438d2359d72a6d40fb7541c423d84fe56175f76c0bd785166c023e1","ssdeep":"768:QHpSEgKBfHWCaergA7wG1OCPouIF/4BuLTndaIrhLLVmYROWhCb8ZiKCAu:RGBv0erg7G1DIF/s8T4wLowgnX","tlshash":"cb23e048ef2ae554f34c5e24409f22ee97b9ffe563ed9c98c81214c7f3d45106b0a68a","first_seen":"2025-10-13T07:40:06.891492Z","last_seen":"2025-11-21T12:37:42.60007Z","times_seen":3,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-03","alert":"Sinkholed","trigger":"paypal-poker.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}